Cvelist
added 2025/11/07 12:0 a.m. (7 views)

CVE-2025-63638

SourceCodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Task Title" and "Description Optional" fields when creating a Task, allowing an attacker to inject arbitrary, potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicki...

EPSS: 0.00196
Exploits: 1, References: 2
CVE
added 2025/11/07 12:0 a.m. (14 views)

CVE-2025-63713

CVE-2025-63713 affects SourceCodester MatchMaster 1.0. The Red Hat, ENISA EUVD, NVD and other records describe a Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitization of user input in the custom test creation feature (test titles and matching pair items). The flaw allows re...

CVSS: 6.1, AI score: 5.5, EPSS: 0.00288
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2025/11/07 12:0 a.m. (7 views)

CVE-2025-63717

Summary: CSRF in SourceCodester Pet Grooming Management Software 1.0. The change password functionality at /pet_grooming/admin/change_pass.php is vulnerable due to missing anti-CSRF tokens and same-site cookie protections, potentially allowing attackers to trick authenticated users into changing ...

CVSS: 6.5, AI score: 6.5, EPSS: 0.00132
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2025/11/07 12:0 a.m. (11 views)

CVE-2025-63716

The CVE-2025-63716 entry concerns SourceCodester Leads Manager Tool v1.0, which is vulnerable to Cross-Site Request Forgery (CSRF). The root cause stated across sources is lack of CSRF protection mechanisms (no anti-CSRF tokens and no same-origin verification) on critical endpoints, enabling unau...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00132
Exploits: 1, References: 2, Affected Software: 1
RedhatCVE
added 2025/11/03 12:33 p.m. (3 views)

CVE-2025-12597

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

CVSS: 9.8, AI score: 7, EPSS: 0.00336
Exploits: 1, References: 1
NVD
added 2025/11/03 3:15 a.m. (7 views)

CVE-2025-12614

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVSS: 9.8, EPSS: 0.00336
Exploits: 1, References: 5
Vulnrichment
added 2025/11/03 3:2 a.m. (2 views)

CVE-2025-12614 SourceCodester Best House Rental Management System admin_class.php delete_payment sql injection

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVSS: 5.8, AI score: 6.7, EPSS: 0.00336
Exploits: 1, References: 5
CVE
added 2025/11/03 3:2 a.m. (10 views)

CVE-2025-12614

The CVE-2025-12614 issue affects SourceCodester Best House Rental Management System 1.0, specifically the delete_payment function in /admin_class.php. The vulnerability arises from manipulating the ID argument, enabling SQL injection and remote exploitation. Multiple connected sources (NVD, Red H...

CVSS: 9.8, AI score: 5.1, EPSS: 0.00336
Exploits: 1, References: 5, Affected Software: 1
Cvelist
added 2025/11/03 3:2 a.m. (11 views)

CVE-2025-12614 SourceCodester Best House Rental Management System admin_class.php delete_payment sql injection

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

CVSS: 5.8, EPSS: 0.00336
Exploits: 1, References: 5
CNNVD
added 2025/11/03 12:0 a.m. (6 views)

SourceCodester Best House Rental Management System SQL injection vulnerability

SourceCodester Best House Rental Management System is an open source house rental management system from SourceCodester. SourceCodester Best House Rental Management System version 1.0 has a SQL injection vulnerability that stems from the function delete_payment in the file /admin_class.php...

CVSS: 9.8, AI score: 5.6, EPSS: 0.00336
Exploits: 1, References: 5
Positive Technologies
added 2025/11/03 12:0 a.m. (4 views)

PT-2025-44747

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0. Description: A weakness exists in the software that allows for SQL injection. The issue is located in the delete payment function within the /admin_class.php file. Manipulation of t...

CVSS: 9.8, AI score: 6.7, EPSS: 0.00336
Exploits: 1, References: 8
NVD
added 2025/11/02 12:15 p.m. (5 views)

CVE-2025-12597

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

CVSS: 9.8, EPSS: 0.00336
Exploits: 1, References: 5
Cvelist
added 2025/11/02 12:2 p.m. (10 views)

CVE-2025-12598 SourceCodester Best House Rental Management System admin_class.php save_tenant sql injection

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been...

CVSS: 5.8, EPSS: 0.00336
Exploits: 1, References: 5
Vulnrichment
added 2025/11/02 12:2 p.m. (3 views)

CVE-2025-12598 SourceCodester Best House Rental Management System admin_class.php save_tenant sql injection

A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been...

CVSS: 5.8, AI score: 6.8, EPSS: 0.00336
Exploits: 1, References: 5
CVE
added 2025/11/02 11:32 a.m. (11 views)

CVE-2025-12597

The CVE-2025-12597 entry concerns SourceCodester Best House Rental Management System 1.0. The vulnerability resides in the function save_category in the file /admin_class.php, where manipulation of the Name argument enables SQL injection. The issue is exploitable remotely and, according to connec...

CVSS: 9.8, AI score: 5.2, EPSS: 0.00336
Exploits: 1, References: 5, Affected Software: 1
Vulnrichment
added 2025/11/02 11:32 a.m. (2 views)

CVE-2025-12597 SourceCodester Best House Rental Management System admin_class.php save_category sql injection

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

CVSS: 5.8, AI score: 6.8, EPSS: 0.00336
Exploits: 1, References: 5
Cvelist
added 2025/11/02 11:32 a.m. (10 views)

CVE-2025-12597 SourceCodester Best House Rental Management System admin_class.php save_category sql injection

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

CVSS: 5.8, EPSS: 0.00336
Exploits: 1, References: 5
Positive Technologies
added 2025/11/02 12:0 a.m. (5 views)

PT-2025-44735

Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0. Description: A flaw exists in the software that allows for remote SQL injection. The issue is located in the save category function within the /admin_class.php file. Manipulation of...

CVSS: 9.8, AI score: 7, EPSS: 0.00336
Exploits: 1, References: 8
CNNVD
added 2025/11/02 12:0 a.m. (3 views)

SourceCodester Best House Rental Management System SQL injection vulnerability

SourceCodester Best House Rental Management System is an open source house rental management system from SourceCodester. SourceCodester Best House Rental Management System version 1.0 has a SQL injection vulnerability; the vulnerability stems from the file /admin_class.php function save_tenant on the...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00336
Exploits: 1, References: 6
CNNVD
added 2025/11/02 12:0 a.m. (4 views)

SourceCodester Best House Rental Management System SQL injection vulnerability

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. SourceCodester Best House Rental Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter Name of the...

CVSS: 9.8, AI score: 5.6, EPSS: 0.00336
Exploits: 1, References: 6